For the Auth0 integration, I don't feel comfortabl...
# prisma-whats-newb
be4r
06/12/2017, 9:41 PMFor the Auth0 integration, I don't feel comfortable putting the ClientID and Client Secret on the Client side. What are some ways to hide this information when I bundle via webpack? Or what are some solutions to keep this information hidden?
n
nilan
06/12/2017, 9:52 PM@be4r oh, you should not put the client secret in the client at all
nilan
06/12/2017, 9:52 PM@be4r where did you read that?
b
be4r
06/12/2017, 9:57 PMsorry about the confusion
be4r
06/12/2017, 9:57 PMactually reading through this
be4r
06/12/2017, 9:57 PMi guess all we have to provide is the network uri
be4r
06/12/2017, 9:59 PMactually yes i do include the clientId
be4r
06/12/2017, 9:59 PMbe4r
06/12/2017, 9:59 PMbut clientId is fine right?
n
nilan
06/12/2017, 10:08 PMyes simple smile
a
agartha
06/12/2017, 10:30 PMClient Id = used together with domain so Auth0 knows which account/app to authenticate for
Client secret = used to validate tokens sent from auth0 to a server, so the server knows to accept the token
agartha
06/12/2017, 10:31 PMThat's why Graphcool needs to know the client secret, and you only need to configure domain/client id in your app